Chapter 9. Physical Security and Biometrics

Physical security protects your physical computer and networking facilities—your building, your server room, your computers, your backup media, and increasingly, your people. Biometric devices (devices that sample a physical or behavioral trait—for example, a fingerprint—and compare it with the traits on file to determine whether you are who you claim to be) provide an important first defense against break-ins.

Sound physical security is the basis on which a security policy and its resulting activities must rest. The best computer security activities can easily be negated by careless physical security. The importance of good physical security can be illustrated by referring once again to the two security mnemonics: CIA and IRA. The first refers to the following:

Confidentiality

That which is secret should stay that way.

Integrity

That which is received should be identical to what was sent; what is retrieved should be identical to what was stored.

Accessibility

What is stored should be easy to retrieve; what you need or where you wish to go should always be available to you.

The stepping stones to these are in the IRA:

Identification

Being able to prove you are who you say you are.

Reliability

All systems function as they should on demand, even in a crisis.

Authentication

Making sure users can access only those areas for which they are authorized.

To show how these relate to physical security, consider the following story.

In December 2002, social security numbers ...
